Stack-based Buffer Overflow in Microsoft HTML Help Workshop 4.74.8702.0
CVE-2006-0564

Currently unrated

Key Information:

Vendor: Microsoft
Status: Html Help; Html Help Workshop
Vendor: CVE Published:; 6 February 2006

What is CVE-2006-0564?

The Microsoft HTML Help Workshop 4.74.8702.0 and earlier versions, including the Microsoft HTML Help 1.4 SDK, are vulnerable to a stack-based buffer overflow. This flaw occurs when processing a .hhp file containing overly long Contents file fields. If exploited, this vulnerability allows an attacker to execute arbitrary code in the context of the user running the application, potentially compromising system security.

References

http://secunia.com/advisories/18740

third-party-advisoryx_refsource_SECUNIA

http://www.osvdb.org/22941

vdb-entryx_refsource_OSVDB

http://securitytracker.com/id?1015585

vdb-entryx_refsource_SECTRACK

EPSS Score

72% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 6, 2006
Vulnerability Reserved
Feb 6, 2006